Infosecurity News
ISACA London Chapter's E-Voting System Comes Under Scrutiny
ISACA London Chapter members demand e-voting system investigation over security and privacy concerns
iOS 18.3.2 Patches Actively Exploited WebKit Vulnerability
iOS 18.3.2 patches actively exploited WebKit flaw, addressing critical security risks for users
Trump Administration Shakes Up CISA with Staff and Funding Cuts
In a new round of cuts since Donald Trump became president, 100 people working with the US Cybersecurity and Infrastructure Agency saw their contracts terminated
Machine Identities Outnumber Humans Increasing Risk Seven-Fold
Surging machine identities, faster threat detection and fewer vulnerabilities are shaping cloud security according to a new report
Chinese Hackers Implant Backdoor Malware on Juniper Routers
Mandiant revealed that Chinese espionage actor UNC3886 has deployed modified versions of the TinyShell backdoor across multiple Juniper OS routers
Microsoft Patches a Whopping Seven Zero-Days in March
Microsoft has fixed seven zero-days this Patch Tuesday, including one not currently being actively exploited
UK Cybersecurity Sector Revenue Grows 12% to Top £13bn
The UK’s cybersecurity sector added thousands of workers and over £1bn in revenue in 2024
Blind Eagle Targets Colombian Government with Malicious .url Files
Blind Eagle has been running campaigns targeting the Colombian government with malicious .url files and phishing attacks
New York Sues Allstate Over Data Breach and Security Failures
New York sues Allstate over data breach, alleging security failures that exposed the driver’s license numbers of nearly 200,000 individuals
95% of Data Breaches Tied to Human Error in 2024
Mimecast found that insider threats, credential misuse and user-driven errors were involved in most security incidents last year
CISA Urges All Organizations to Patch Exploited Critical Ivanti Vulnerabilities
The US Cybersecurity and Infrastructure Security Agency (CISA) has added five new flaws in Ivanti and VeraCore products to its Known Exploited Vulnerabilities catalog
Record Number of Girls Compete in CyberFirst Contest
More than 14,500 girls from across the UK took part in this year’s CyberFirst Girls competition
DDoS Blamed as X Suffers Multiple Outages
Pro-Palestine Dark Storm Team group claims responsibility for major DDoS attacks on X
SIM Swapping Fraud Surges in the Middle East
SIM swapping fraud surges in the Middle East as cybercriminals exploit websites mimicking legitimate services to steal personal data
Surge in Malicious Software Packages Exploits System Flaws
A new report by Fortinet reveals techniques used by attackers to evade detection and compromise systems
UK AI Research Under Threat From Nation-State Hackers
The Alan Turing institute urged government and academia to address systemic cultural and structural security barriers in UK AI research
Switzerland Mandates Cyber-Attack Reporting for Critical Infrastructure
Starting April 2025, Swiss critical infrastructure organizations will have to report cyber-attacks to the country’s authorities within 24 hours of discovery
Texas Developer Convicted After Kill Switch Sabotage Plot
Software developer Davis Lu cost his employer hundreds of thousands after deploying malware that caused crashes and failed logins
Number of Unauthorized Cobalt Strike Copies Plummets 80%
Fortra claims the number of unauthorized Cobalt Strike licenses in the wild fell 80% over two years
Ransomware Groups Favor Repeatable Access Over Mass Vulnerability Exploits
Travelers found that ransomware groups are focusing on targeting weak credentials on VPN and gateway accounts for initial access, marking a shift from 2023
